Conventional technologies include kernel protection mechanisms. Kernel protection mechanisms allow enforcement of kernel protection measures that prevent portions of the kernel from being executed and/or modified. These mechanisms are useful for thwarting at least some malware and helping to safeguard the integrity of the kernel.
One issue that has arisen is that these kernel protection mechanisms are not compatible with other technologies that require write and/or execute access to the kernel. That is, the kernel protection mechanisms may render other technologies inoperable. For example, the kernel protection mechanisms may prevent particular features from being provided. These issues may result in the kernel protection mechanisms being impractical for use in production environments.
Accordingly, while kernel protection mechanisms may be helpful in some ways, they may also counter useful features that allow users to perform beneficial activities. For example, a user may want to reuse a same memory space to execute more than one kernel. However, due to a kernel protection mechanism, the memory space used to execute a first kernel may be inaccessible for executing a second kernel. Accordingly, the user may be prevented from executing multiple kernels in the memory space.
It would be advantageous to allow memory to be utilized by multiple kernels, while at the same time allowing kernel protection mechanisms to be implemented. The techniques provided herein allow providing multiple kernels and transitioning between the kernels in a protected kernel environment.
Embodiments of the present disclosure and their advantages are best understood by referring to the detailed description that follows.